<?php
/////////////////////////////////////////////////////////////////////////////
// 
//
// workflow_system
//
// workflow_copyright
// 
/////////////////////////////////////////////////////////////////////////////

/**
 * FILE_NAME : filter.class.php   FILE_PATH : classes\libraries\filter.class.php
 * ....代码字符串过滤
 *
 * @copyright workflow_system
 * @author workflow Develop Team 
 * @version Fri Mar 28 00:38:48 CST 2008
 */
class FilterClass {

	/**
     * 对于输出到模板的字符串进行过滤及替换
     * @author workflow Develop Team
     * @param  $_filterstringCacheArray array(),$arrayContent string
     * @return array
     */
	function outFilterString($_filterstringCacheArray,$arrayContent){
		$newArray = array();
		if (is_array($arrayContent)){
			foreach ($arrayContent as $k=>$v){
				$newArray[$k] =   FilterClass::toFormat($_filterstringCacheArray,$v);
			}
		}else{
			$newArray = FilterClass::toFormat($_filterstringCacheArray,$arrayContent);
		}
		return $newArray;
	}

	/**
     * 对指定的字符串进行替换
     * @author workflow Develop Team
     * @param  $_filterstringCacheArray array(),$value string
     * @return string
     */
	function toFormat($_filterstringCacheArray,$value){
		$content =  count($_filterstringCacheArray['filter'])==0 ? $value : preg_replace($_filterstringCacheArray['filter']['patterns'], $_filterstringCacheArray['filter']['replacements'], $value);
		return FilterClass::dangerousCode($content);
	}

	/**
     * 对于危险字符串的替换
     * @author workflow Develop Team
     * @param  $value string
     * @return string
     */
	function dangerousCode($value){
		$patterns = array(
		"/<script.*>.*<\/script>/siU",
		"/<iframe.*>.*<\/iframe>/siU",
		"/<input(.*submit.*)>/siUe",
		"/<form(.*action.*)>/siUe",
		'/on(mousewheel|mouseover|click|load|onload|submit|focus|blur)="[^"]*"/i'
		);
		$replacements = array('','','','','');
		return preg_replace($patterns, $replacements, $value);
	}

	/**
	 * 读取文件信息
	 * @author     
	 * @param  
	 * @return array
	 */
	function getFilter(){
		if (!file_exists("../share/filterstring.inc.php")){
			$fh = @fopen( "../share/filterstring.inc.php", 'w' );
			@fclose($fh);
			@chmod ("../share/filterstring.inc.php",0775);
		}
		require_once("filterstring.inc.php");
		$array = $_filterstringCacheArray['filter'];
		if (is_array($array)){
			foreach ($array["patterns"] as $k => $v){
				/*切割敏感词前后标志*/
				$v = substr($v,1);
				$array["patterns"][$k] = substr($v,0,strlen($v)-2);
				/*整理敏感词修改时显示样式*/
				$array["patterns"][$k] = str_replace(".{0,","{",$array["patterns"][$k]);
				if ($array["replacements"][$k] != "**"){
					$line .= $array["patterns"][$k]."=".$array["replacements"][$k]."\n";
				}else {
					$line .= $array["patterns"][$k]."\n";
				}
			}
		}
		return $line;
	}

	/**
	 * 保存敏感词
	 * @author 
	 * @param $input_param
	 * @return bool
	 */
	function saveFilter($input_param){
		$input_filter_array = explode("\n",trim($input_param));
		
		$filter_array = array();
		if (!empty($input_filter_array)){
			foreach($input_filter_array as $k => $v){
				if ($v != ''){
					$v = trim($v,"\r");				
					$patterns = preg_replace("/{(\d+)}/", ".{0,\\1}",$v);
					$pos= strpos($v,'=');
					if ($pos === false){
						$replacements = '**';
					}else{
						$v_array= explode("=",$v);
						//$patterns     = $v_array[0];
						$patterns  = preg_replace("/{(\d+)}/", ".{0,\\1}",$v_array[0]);
						$replacements = $v_array[1];
					}
					if (empty($filter_array['patterns'])){
						$filter_array['patterns'][] = '/'.$patterns.'/i';
						$filter_array['replacements'][] = $replacements;
					}else {
						if (!in_array('/'.$patterns.'/i',$filter_array['patterns'])){
							$filter_array['patterns'][] = '/'.$patterns.'/i';
							$filter_array['replacements'][] = $replacements;
						}
					}
					unset($patterns,$replacements);
				}
			}
            
            include_once("fileoperate.class.php");
            $make_file_result = FileOperate::makeFilterFile("../share/filterstring.inc.php",$filter_array);
            return $make_file_result;
		}

	}
}
?>